Big,Data.,Business,And,Digital,Technologies.,Data,Flow,In,A

Articles by Topic:

Web Security

WordPress plugins GutenKit Hunk Companion

The Mass Exploitation of GutenKit and Hunk Companion

November 15, 2025

In early October, Wordfence, which specializes in WordPress security, discovered a large-scale exploitation campaign had resurfaced. The attack weaponized the long-standing capability-check flaws in two WordPress plugins: GutenKit (CVE-2024-9234) Hunk Companion (CVE-2024-9707 and CVE-2024-11972) “This…

FBI Warns of New Salesforce Data Extortion Campaigns

September 30, 2025

The FBI has issued a FLASH alert warning of new data theft and extortion campaigns aimed at Salesforce users. Investigators say two cybercriminal groups are breaking into Salesforce instances through social engineering schemes and compromised…

SEO Poisoning Campaign Targets Chinese Users with Hiddengh0st and Winos Malware

September 15, 2025

Many security issues on the internet stem from avoidable mistakes based on an assumption of safety or legitimacy, often supported by implicitly understood “trust signals.” Users online are primed to have confidence in search engines,…

Menlo Security GenAI phishing deepfake risk

Menlo Security Reveals How GenAI Tools Are Reshaping Work—and Risk

August 16, 2025

Generative AI is reshaping how people work. In January 2025 alone, Menlo Security recorded 10.53 billion visits to AI-related websites. That’s a 50% jump from just 11 months earlier. And most of that activity—an estimated…

June 30, 2025

It is tempting to believe that widely used browser extensions are required to follow strict security practices to protect users of popular browsers like Google Chrome, but this is not always the case. The ecosystem…

ClickFix and the New Face of Phishing: Why Your Browser Is the Next Battleground

June 23, 2025

Phishing has taken a new and unsettling turn with the emergence of ClickFix, a browser-based tactic that doesn’t rely on fake login pages or malicious downloads. ClickFix masquerades as a security feature, using convincing visual…

Kremlin-Linked Hackers Escalate Global Cyber Espionage to Aid War in Ukraine

June 02, 2025

The cyberthreat group known as Fancy Bear and Sednit, among a litany of other names, has been active for over 20 years. In that time, the group is supposed to have been responsible for a…

The 47-Day Certificate Countdown

May 12, 2025

The CA/Browser Forum recently took an official vote to amend the TLS Baseline Requirements, bringing certificate lifespans down to 47 days by 2029 through a series of gradual changes. This comes largely in response to…

NSA Leadership Shakeup Sparks Cybersecurity Concerns

April 10, 2025

On Thursday, April 3rd, the highest officials at the National Security Agency were abruptly fired. Air Force Gen. Timothy Haugh had been serving as the head of U.S. Cyber Command and director of the NSA,…

How GenAI and Phishing-as-a-Service Are Transforming Cyber Threats in 2025

April 07, 2025

The enterprise web browser as the primary battleground for cybercriminals is the underlying theme of Menlo Security’s State of the Browser Security report. The report highlights the trends around attacks concentrated on exploiting web browser…

March Madness, Cyber Sadness: How AI-Powered Hackers Are Scoring Big Against Businesses

March 18, 2025

With the start of the NCAA March Madness Tournament season, the social and cultural phenomenon has a presence in many workplaces. Up to 80 million tournament brackets are filled out each year, and many employees…

2.8 Million IPs Target VPN and Security Devices

February 24, 2025

A massive brute force attack is hammering VPNs and security appliances, with attackers using nearly 3 million IP addresses to flood these devices with credential-guessing attempts. According to reports, the attack has been ongoing for…

Homebrew Targeted in Malvertising Campaign Distributing AmosStealer Malware

February 10, 2025

The free, open-source software package management system Homebrew is a popular tool for simplifying the process of installing software on macOS and Linux systems. It is entirely run by volunteers and often benefits from user…

Cloud App Impersonations and the Rise of Sophisticated Credential Harvesting

February 04, 2025

There are no safe spaces on the internet. Cybercriminals will exploit any and every opportunity to launch attacks. This has been demonstrated again by researchers at SlashNext, who have uncovered a new credential harvesting campaign.…

Cisco ASA Vulnerability Resurfaces as Active Threat

January 07, 2025

A security vulnerability from ten years ago has recently been exploited in the wild again: CVE-2014-2120, first recognized in March 2014, is a vulnerability in Cisco Adaptive Security Appliance’s (ASA) WebVPN login page. In November…

DocuSign Impersonation Attacks Exploit Trust in Government Communications

January 02, 2025

DocuSign is the centerpiece of an alarming new wave of phishing scams. These schemes mimic communications from government agencies, such as state licensing boards and municipal offices, preying on the trust businesses place in these…

Holiday Scams on the Rise: How Cybercriminals Exploit the Season of Giving

December 02, 2024

The holiday season is always a time of heavy activity for cybercriminals, as they take advantage of the heightened emotions, increased shopping and travel activity, and busy preparations to create ripe targets for attacks. Many…

Tricked By a CAPTCHA: How Cybercriminals are Using Fake Verifications to Steal Sensitive Data

November 12, 2024

One of the most ubiquitous security measures on the internet, CAPTCHA is not generally seen as a potential threat vector, but bad actors can leverage fake CAPTCHA pages to harvest sensitive information from their targets.…

Subscribe for the Latest News

"*" indicates required fields

URL

This field is for validation purposes and should be left unchanged.

First Name*

Last Name*

Company Name*

Job Title*

Email*

Country*

Employee Count*

Industry*

CAPTCHA

Webinars

Tuesday, Nov. 18 1pm ET / 10am PT

The Offensive Security Blueprint: Building a Modern Program to Confidently Reduce Business Risk

Thursday, Nov. 20 1pm ET / 10am PT

The VPN Trap: Why Remote Access Is Failing You

Wednesday, Dec. 10 1pm ET / 10am PT

Threat Intelligence Briefing: Is your Firewall as secure as you think?